Lucene search
GoogleOSV:BIT-POSTGRESQL-2022-41862HistoryMar 06, 2024 - 11:03 a.m.
BIT-postgresql-2022-41862
2024-03-0611:03:45
Google
osv.dev
12
postgresql
server
vulnerability
unauthenticated
string
over-read
error message
kerberos
transport encryption
software
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
| CPE | Name | Operator | Version |
|---|---|---|---|
| postgresql | lt | 13.10.0 | |
| postgresql | ge | 14.0.0 | |
| postgresql | lt | 14.7.0 | |
| postgresql | lt | 12.14.0 | |
| postgresql | lt | 15.2.0 | |
| postgresql | ge | 15.0.0 | |
| postgresql | ge | 13.0.0 | |
| postgresql | ge | 12.0.0 |
Related
veracode
veracode
Information Disclosure
2023-02-11 23:04:31
altlinux
altlinux
Security fix for the ALT Linux 10 package postgresql15-1C version 15.2-alt1
2023-02-20 00:00:00
Security fix for the ALT Linux 10 package postgresql15 version 15.2-alt1
2023-02-20 00:00:00
Security fix for the ALT Linux 10 package postgresql12 version 12.14-alt1
2023-02-20 00:00:00
cvelist
cvelist
CVE-2022-41862
2023-03-03 00:00:00
oraclelinux
oraclelinux
libpq security update
2023-11-11 00:00:00
libpq security update
2023-11-17 00:00:00
postgresql security update
2023-04-11 00:00:00
openvas
openvas
nessus
nessus
Oracle Linux 8 : libpq (ELSA-2023-7016)
2023-11-21 00:00:00
RHEL 9 : libpq (RHSA-2023:6429)
2023-11-07 00:00:00
Amazon Linux 2 : libpq (ALASPOSTGRESQL12-2024-010)
2024-03-18 00:00:00
prion
prion
Code injection
2023-03-03 16:15:00
cloudfoundry
cloudfoundry
USN-5906-1: PostgreSQL vulnerability | Cloud Foundry
2023-03-23 00:00:00
osv
osv
Low: libpq security update
2023-11-14 00:00:00
Low: libpq security update
2023-11-07 00:00:00
CVE-2022-41862
2023-03-03 16:15:09
kaspersky
kaspersky
KLA20223 OSI vulnerability in PostgreSQL
2023-02-09 00:00:00
ibm
ibm
cgr
cgr
CVE-2022-41862 vulnerabilities
2024-05-19 03:07:16
mageia
mageia
Updated postgresql packages fix security vulnerability
2023-02-27 23:27:16
cve
cve
CVE-2022-41862
2023-03-03 16:15:09
wolfi
wolfi
CVE-2022-41862 vulnerabilities
2024-06-02 22:01:16
cbl_mariner
cbl_mariner
CVE-2022-41862 affecting package postgresql for versions less than 14.11-1
2024-03-05 17:52:42
CVE-2022-41862 affecting package postgresql 12.15-1
2024-06-03 03:07:42
ubuntucve
ubuntucve
CVE-2022-41862
2023-02-10 00:00:00
redhat
redhat
(RHSA-2023:7016) Low: libpq security update
2023-11-14 08:42:45
(RHSA-2023:6429) Low: libpq security update
2023-11-07 06:05:24
(RHSA-2023:1576) Moderate: postgresql:13 security update
2023-04-04 08:51:28
debiancve
debiancve
CVE-2022-41862
2023-03-03 16:15:09
redhatcve
redhatcve
CVE-2022-41862
2023-02-15 15:29:59
almalinux
almalinux
Low: libpq security update
2023-11-07 00:00:00
Low: libpq security update
2023-11-14 00:00:00
Moderate: postgresql:13 security update
2023-04-04 00:00:00
alpinelinux
alpinelinux
CVE-2022-41862
2023-03-03 16:15:09
freebsd
freebsd
rocky
rocky
postgresql:13 security update
2023-04-06 15:52:43
postgresql:12 security update
2023-10-06 23:10:12
photon
photon
Low Photon OS Security Update - PHSA-2023-3.0-0531
2023-02-10 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0336
2023-02-18 00:00:00
redos
redos
ROS-20240329-11
2024-03-29 00:00:00
ROS-20240329-12
2024-03-29 00:00:00
hp
hp
HP Device Manager Vulnerability Update (5.0.12)
2024-01-26 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
4.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.3%
Related for OSV:BIT-POSTGRESQL-2022-41862